Select your localized edition:

Close ×

More Ways to Connect

Discover one of our 28 local entrepreneurial communities »

Be the first to know as we launch in new countries and markets around the globe.

Interested in bringing MIT Technology Review to your local market?

MIT Technology ReviewMIT Technology Review - logo

 

Unsupported browser: Your browser does not meet modern web standards. See how it scores »

{ action.text }

There are two things wrong with this model. First, no matter how many Tracking Protection Lists consumers install in their copies of IE9, there’s no way to guarantee that the user isn’t being tracked, because the tracking services can always spin up a new website with a new domain name. More important, the new feature won’t stop the websites you access from tracking you. And since you won’t block the websites you are using, you won’t block the tracking.

Two other technical approaches to combat tracking have been proposed, and both of them have their problems as well. The first is to use some kind of anonymizing Web filter, such as the open source Web proxy Privoxy. Unfortunately, these programs can’t really block tracking cookies unless you disable JavaScript and Flash, and increasingly the Web doesn’t work if you take such drastic actions. The second approach is to have Web browsers transmit a special header telling the remote website that the user doesn’t want to be tracked—a proposal out of Stanford that you’ll find described at http://donottrack.us/. But unless Congress passes a law giving the Federal Trade Commission the power to regulate this aspect of Internet privacy, compliance with the header will be voluntary.

As it turns out, the idea of Congress passing a law isn’t so far-fetched. The recent Congressional hearing was announced a day after the Federal Trade Commission released a 122-page preliminary staff report, “Protecting Consumer Privacy in an Era of Rapid Change,” which endorsed the creation of a national “do not track” mechanism.

“Do not track” is at the beginning of the policy cycle. Interest groups are still trying to figure out how to explain tracking, figure out where they stand, and then phrase their arguments. But surprisingly, at the hearing, there was near unanimous agreement among the speakers on one point: consumers should have the right to chose whether or not they are tracked.

Alas, the rhetoric of “consumer choice” may ultimately render anti-tracking technology or regulation meaningless. That’s because the companies that are among the best at tracking consumers, such as Google and Facebook, generally have already extracted their users’ consent to be tracked as a precondition to using their services.

If simple solutions to Internet tracking won’t work, what do we need instead? First, we need true transparency by Internet advertisers and technology providers—we shouldn’t have to rely on academics and journalists to figure out what these companies are up to. Second, we need an intent-based system of regulations that, rather than focusing on tracking or blocking techniques, describes what kind of data may be collected, who is allowed access to the data, and how it may be used.

Internet users should also have the legal right to see what information has been collected about them online and the right to have that information selectively deleted. (Being able to delete your Google tracking profile is not really an option if you also have to delete all of your e-mail and find another place to house your calendar.) Simply put, we need to have the Code of Fair Information Practice extended to the Internet—something that business interests have successfully blocked until now.

Current proposals to limit tracking are unlikely to address the core problem—the use of collected information in undisclosed ways. Indeed, the proposals will do little more than put other companies at a disadvantage relative to advertising companies like Google and Facebook, which attract eyeballs with compelling Web-based social networking, messaging, and personal-information-management applications. Thus “do not track,” unless it’s done correctly, will simply accelerate the centralization and monopolization that’s already under way on the Internet.

3 comments. Share your thoughts »

Tagged: Communications, Google, Facebook, Microsoft, privacy, advertising, tracking software

Reprints and Permissions | Send feedback to the editor

From the Archives

Close

Introducing MIT Technology Review Insider.

Already a Magazine subscriber?

You're automatically an Insider. It's easy to activate or upgrade your account.

Activate Your Account

Become an Insider

It's the new way to subscribe. Get even more of the tech news, research, and discoveries you crave.

Sign Up

Learn More

Find out why MIT Technology Review Insider is for you and explore your options.

Show Me